I read other posts, but none of them seemed to cover my main concern as password managers being a single point of failure.
What exactly is the difference of using **(A)** the same 25-long password for all my important logins (email, banks, personal documents), and **(B)**, a 25-long password as the master key to my password manager with different keys to my individual logins?
A malicious user would take the same amount of time to crack that 25-long password in my password manager and my bank account. In scenario A the attacker would crack the password and have access to my other logins (since they are all the same), and in scenario B the attacker would crack my password manager, therefore exposing all my other logins. So what exactly is the difference here?
I understand password managers help the general population in the sense of enforcing a stronger password. But if you already use a very strong password (i.e. 25 characters) for all your log-ins, I don’t really understand the difference to having a password manager, where I would use that same password as the master key, which technically leads to the same catastrophic scenario.
Help me understand.
In: 5
> A malicious user would take the same amount of time to crack that 25-long password in my password manager
Random websites often don’t secure passwords very well, and so it may be easier for an attacker to retrieve. Or you may be tricked into typing it in to a phishing website.
Password managers’ tend to put a lot of effort into protecting your master password, because that is literally their purpose. And you know that this password is only to be used with your password manager so you’re less likely to fall for a phishing attack.
Latest Answers